Call us on +44 (0)1275 395 118

CVE-2021-44228: Apache Log4j Vulnerability

CVE‐2021‐44228: Apache Log4j Vulnerability

Posted on - 17.12.21

You may have recently heard or read about a new vulnerability which has been found in the Apache Log4j logging library. This is a common library which is used in many devices and platforms, versions 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 have features which do not protect against attacker controlled LDAP and other JNDI endpoints.

For more information please take a look at the NIST vulnerability database entry:

Our Vendors

We work closely with all our vendor partners and have been in contact with them to find out which, if any, of their systems might be affected by this vulnerability.

Plasma Cloud

As the Plasma Cloud platform is (mostly) Java-free their solution is not affected by this vulnerability.


All the Grandstream products, including devices, cloud platforms and software, are unaffected by the vulnerability

Commscope Ruckus

Commscope have released a security advisory (ID20211213) stating that the following products are not vulnerable: All Access Points (including Unleashed APs), Cloudpath, ICX Switches, Unleashed, and ZoneDirector.
If you are using Ruckus cloud, Smartzone or Unleashed Multi-site Manage (UMM) please contact our support team for more information on how to get security patches for these platforms once they are made available, if they have been found to be affected.

If you have any other concerns about this vulnerability please feel free to contact our support team who will be happy to discuss this with you.